Thursday, May 3, 2012

Paypal Payment Spam Links to Malicious Sites Serving Malware

PayPal logoYou may be tempted to “click first, think later” when you receive a notice from PayPal saying you just sent payment to some random stranger, but is that email really from PayPal?

ZDNet warns that spammers are currently pushing out fake PayPal payment notices that are directing users to malicious sites that will attempt to exploit system vulnerabilities in order to plant malware on the visiting machine.

To make matters worse, only 17/42 antivirus programs detect the malware (MD5: 4f58895af2b8f89bd90092f08fcbd54f), which Sophos identifies as “Troj/Zbot-BTV” and McAfee detects as “PWS-Zbot.gen.ya,” according to a report from Virus Total.

Seeing the word "Zbot" should alarm you, as that's another alias for the infamous ZeuS banking Trojan that's well-known for its ability to steal sensitive login credentials and upload them to remote servers controlled by the attackers.

There's a good chance that many folks will be fooled by the bogus PayPal notifications too. The spammers have done a very good job making the spam emails look as authentic as possible (notice the spoofed sender's address: "PayPal",

PayPal malware spam

Email Screenshot Credit: ZDNET

What to Do if You Receive PayPal Spam

If you receive one of these spoofed PayPal emails, it’s recommended that you:

  • Avoid clicking on any embedded links.

  • Report the email to PayPal by forwarding it to

  • Delete the email immediately.

On a side note, it’s always a good idea to type the URL of the website you wish to visit directly into your address bar versus clicking on email links to avoid malware attacks in the future.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment